> ## Documentation Index > Fetch the complete documentation index at: https://docs.rinne.com.br/llms.txt > Use this file to discover all available pages before exploring further. # Get current user information > Returns information about the currently authenticated user based on JWT token. Includes user identifiers, auth methods, and current company context if set. When the bearer is an admin impersonation JWT (ADR-0018), the `user` payload is synthesized from the JWT claims (no real `User` row exists for the operator inside the target organization) and an additional `impersonation` block is included with the actor identity and the target organization id. Clients can detect impersonation by the presence of that block. ## OpenAPI ````yaml /api-spec.yaml get /v1/auth/me openapi: 3.1.0 info: title: Rinne API version: 1.0.0 description: > **Rinne API** is a robust payment platform that offers integration with multiple payment providers. ## Authentication The API uses API Key authentication via the `x-api-key` header. Each company has a unique key to access resources. ## Response Format All responses follow a consistent format: - **Success**: Returns the requested data directly - **Error**: Returns an `error` object with detailed information ## Pagination Endpoints that return lists support pagination through parameters: - `page`: Page number (default: 1) - `limit`: Items per page (default: 20, maximum: 100) ## Supported Providers The API supports multiple payment providers: - **Rinne**: Internal provider - **Celcoin**: PIX integration and other financial services ## Raw Card Data (PCI Endpoints) Card credential fields (`card_data.number`, `card_data.cvv`, `card_data.network_token`, `card_data.cryptogram`, and the 3DS `card.number`) must always be sent encrypted — values start with the `ev:` prefix. Plaintext values are rejected with `400 VALIDATION_ERROR` on every host. There are two ways to send encrypted values: - **rinne-js**: card forms and wallet buttons (Apple Pay / Google Pay) encrypt credentials client-side before they leave the browser. - **PCI API host**: server-to-server integrations that handle raw card data must call `https://pci.api.rinne.com.br/core` (sandbox: `https://pci.api-sandbox.rinne.com.br/core`) instead of the regular host. This endpoint encrypts `number` and `cvv` in transit before the request reaches the API; all other fields pass through unchanged. The PCI host serves only transaction creation and 3DS session creation (both the self and merchant variants); use the regular host for everything else. contact: name: Rinne API Support email: suporte@rinne.com.br servers: - url: https://api-sandbox.rinne.com.br/core description: Sandbox - url: https://api.rinne.com.br/core description: Production security: [] tags: - name: System description: System and API health endpoints - name: Authentication description: User authentication and authorization endpoints - name: Management description: >- Merchant management endpoints - create, list, get specific, overview, update - name: Transactions description: Transaction operations for merchants - create, list, overview, refunds - name: Affiliations description: Affiliation management for merchants - name: Banking description: Banking operations for merchants - balance, cashout, statements - name: Bank Accounts description: Bank account management for merchants - name: Pix Keys description: PIX key management for merchants - name: Company Transactions description: Direct transaction management and query endpoints for companies - name: Companies description: Company management - name: Company Affiliations description: Payment provider affiliation management - name: Company Banking description: Company banking endpoints (balance, etc.) - name: Company Pix description: Company PIX key management - name: Company Ledger description: Company ledger entry query endpoints - name: Ledger description: Ledger entry query endpoints (company and merchants) - name: Webhooks description: Endpoints for receiving webhooks from external providers - name: Pricing description: Fee and cost policy management for transaction pricing - name: Users description: User management endpoints - name: Roles description: Role management endpoints - name: Permissions description: Permission management endpoints - name: Admin description: Admin management endpoints x-scalar-ignore: true paths: /v1/auth/me: get: tags: - Authentication summary: Get current user information description: > Returns information about the currently authenticated user based on JWT token. Includes user identifiers, auth methods, and current company context if set. When the bearer is an admin impersonation JWT (ADR-0018), the `user` payload is synthesized from the JWT claims (no real `User` row exists for the operator inside the target organization) and an additional `impersonation` block is included with the actor identity and the target organization id. Clients can detect impersonation by the presence of that block. responses: '200': description: User information retrieved successfully content: application/json: schema: type: object properties: user: $ref: '#/components/schemas/UserResponse' auth: type: object properties: method: type: string example: jwt auth_method: type: string example: password current_company_id: type: string example: 123e4567-e89b-12d3-a456-426614174000 permissions: type: array items: type: string example: - transaction.list - user.view impersonation: type: - object - 'null' description: | Present only when the bearer is an admin impersonation JWT (ADR-0018). Carries the real operator identity and the target organization the JWT scopes to. required: - actor_email - target_organization_id - jti properties: actor_email: type: string format: email example: joao@rinne.com.br actor_name: type: - string - 'null' example: Joao Faria target_organization_id: type: string format: uuid example: a3dbd0c2-9f79-4f86-8caa-47779b3f2794 jti: type: string example: b1f8c2e0-5a3d-4e7c-9b1a-2c3d4e5f6a7b '401': description: Invalid or missing JWT token content: application/json: schema: $ref: '#/components/schemas/AuthenticationErrorResponse' '404': description: User not found content: application/json: schema: $ref: '#/components/schemas/NotFoundErrorResponse' security: - BearerAuth: [] components: schemas: UserResponse: type: object properties: id: type: string description: User ID example: user123 identifiers: type: array items: $ref: '#/components/schemas/UserIdentifierResponse' description: User identifiers (email/phone) primary_identifier: $ref: '#/components/schemas/UserIdentifierResponse' roles: type: array items: $ref: '#/components/schemas/RoleResponse' description: User roles first_name: type: string description: User first name example: John last_name: type: string description: User last name example: Doe auth_methods: type: array items: type: string enum: - password - google - client_platform description: Available authentication methods example: - password suspended_at: type: string format: date-time description: User suspension timestamp example: '2024-01-01T00:00:00.000Z' created_at: type: string format: date-time description: User creation timestamp example: '2024-01-01T00:00:00.000Z' updated_at: type: string format: date-time description: User last update timestamp example: '2024-01-01T00:00:00.000Z' metadata: type: - object - 'null' nullable: true description: Additional user metadata additionalProperties: true required: - id - identifiers - primary_identifier - auth_methods - created_at - updated_at AuthenticationErrorResponse: type: object properties: error: type: object properties: code: type: string example: AUTHENTICATION_ERROR message: type: string example: Authentication required to access this resource status: type: integer example: 401 details: type: object properties: reason: type: string example: Invalid API key path: type: string example: /companies/me timestamp: type: string format: date-time example: '2023-12-01T10:00:00.000Z' requestId: type: string example: req_123456789 NotFoundErrorResponse: type: object properties: error: type: object properties: code: type: string example: RESOURCE_NOT_FOUND message: type: string example: Company with ID '123' not found status: type: integer example: 404 path: type: string example: /companies/me timestamp: type: string format: date-time example: '2023-12-01T10:00:00.000Z' requestId: type: string example: req_123456789 UserIdentifierResponse: type: object properties: id: type: string description: Unique identifier ID example: id1 type: type: string enum: - email - phone description: Type of identifier example: email value: type: string description: Identifier value example: user@company.com verified: type: boolean description: Whether identifier is verified example: true created_at: type: string format: date-time description: Identifier creation timestamp example: '2024-01-01T00:00:00.000Z' verified_at: type: string format: date-time description: Identifier verification timestamp example: '2024-01-01T01:00:00.000Z' required: - id - type - value - verified - created_at RoleResponse: type: object properties: id: type: string description: Role ID example: a3dbd0c2-9f79-4f86-8caa-47779b3f2793 name: type: string description: Role name example: admin permissions: type: array description: Array of permission strings items: type: string example: - user.create - user.read - role.create description: type: - string - 'null' description: Role description example: Administrator role with full access company_id: type: - string - 'null' description: Company ID for company-specific roles example: a3dbd0c2-9f79-4f86-8caa-47779b3f2793 organization_id: type: - string - 'null' description: Organization role ID for role inheritance example: a3dbd0c2-9f79-4f86-8caa-47779b3f2794 created_at: type: string format: date-time description: Creation timestamp example: '2024-01-01T00:00:00.000Z' updated_at: type: string format: date-time description: Last update timestamp example: '2024-01-01T00:00:00.000Z' required: - id - name - permissions - created_at - updated_at securitySchemes: BearerAuth: type: http scheme: bearer bearerFormat: JWT description: JWT token for user authentication ````